Akira Kato and I submitted draft-fujiwara-dnsop-nsec-aggressiveuse. If you have interests, please comment.
Subject: New Version Notification for draft-fujiwara-dnsop-nsec-aggressiveuse-00.txt From: internet-dra...@ietf.org Date: Mon, 09 Mar 2015 10:20:47 -0700 A new version of I-D, draft-fujiwara-dnsop-nsec-aggressiveuse-00.txt has been successfully submitted by Kazunori Fujiwara and posted to the IETF repository. Name: draft-fujiwara-dnsop-nsec-aggressiveuse Revision: 00 Title: Aggressive use of NSEC/NSEC3 Document date: 2015-03-10 Group: Individual Submission Pages: 6 URL: http://www.ietf.org/internet-drafts/draft-fujiwara-dnsop-nsec-aggressiveuse-00.txt Status: https://datatracker.ietf.org/doc/draft-fujiwara-dnsop-nsec-aggressiveuse/ Htmlized: http://tools.ietf.org/html/draft-fujiwara-dnsop-nsec-aggressiveuse-00 Abstract: DNS highly depends on cache, however, cache usage of non-existence information was limited to exact matching. This draft proposes the aggressive use of NSEC/NSEC3 resource record, which is able to express non-existence of range of names authoritatively. With this proposal, shorter latency to many of negative response is expected as well as some level of mitigation of random sub-domain attacks (referred to as "Water Torture" attacks). And more, non-existent TLD queries to Root DNS servers will decrease. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat -- Kazunori Fujiwara, JPRS <fujiw...@jprs.co.jp> _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop